You are viewing a plain text version of this content. The canonical link for it is here.
Posted to common-commits@hadoop.apache.org by jl...@apache.org on 2015/02/13 21:22:22 UTC

hadoop git commit: YARN-2847. Linux native container executor segfaults if default banned user detected. Contributed by Olaf Flebbe (cherry picked from commit 1a0f508b6386b1c26ec606f6d73afddaa191b7d8)

Repository: hadoop
Updated Branches:
  refs/heads/branch-2 f50779155 -> c9cd58d71


YARN-2847. Linux native container executor segfaults if default banned user detected. Contributed by Olaf Flebbe
(cherry picked from commit 1a0f508b6386b1c26ec606f6d73afddaa191b7d8)


Project: http://git-wip-us.apache.org/repos/asf/hadoop/repo
Commit: http://git-wip-us.apache.org/repos/asf/hadoop/commit/c9cd58d7
Tree: http://git-wip-us.apache.org/repos/asf/hadoop/tree/c9cd58d7
Diff: http://git-wip-us.apache.org/repos/asf/hadoop/diff/c9cd58d7

Branch: refs/heads/branch-2
Commit: c9cd58d711dceeb0d3f12ec72cdc2eb7bb95b694
Parents: f507791
Author: Jason Lowe <jl...@apache.org>
Authored: Fri Feb 13 20:20:07 2015 +0000
Committer: Jason Lowe <jl...@apache.org>
Committed: Fri Feb 13 20:22:12 2015 +0000

----------------------------------------------------------------------
 hadoop-yarn-project/CHANGES.txt                 |  3 +++
 .../impl/container-executor.c                   |  3 ++-
 .../test/test-container-executor.c              | 24 ++++++++++++++++----
 3 files changed, 24 insertions(+), 6 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/hadoop/blob/c9cd58d7/hadoop-yarn-project/CHANGES.txt
----------------------------------------------------------------------
diff --git a/hadoop-yarn-project/CHANGES.txt b/hadoop-yarn-project/CHANGES.txt
index 8be8934..9767bd5 100644
--- a/hadoop-yarn-project/CHANGES.txt
+++ b/hadoop-yarn-project/CHANGES.txt
@@ -557,6 +557,9 @@ Release 2.7.0 - UNRELEASED
     YARN-3164. RMAdmin command usage prints incorrect command name. 
     (Bibin A Chundatt via xgong)
 
+    YARN-2847. Linux native container executor segfaults if default banned
+    user detected (Olaf Flebbe via jlowe)
+
 Release 2.6.0 - 2014-11-18
 
   INCOMPATIBLE CHANGES

http://git-wip-us.apache.org/repos/asf/hadoop/blob/c9cd58d7/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-server/hadoop-yarn-server-nodemanager/src/main/native/container-executor/impl/container-executor.c
----------------------------------------------------------------------
diff --git a/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-server/hadoop-yarn-server-nodemanager/src/main/native/container-executor/impl/container-executor.c b/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-server/hadoop-yarn-server-nodemanager/src/main/native/container-executor/impl/container-executor.c
index 314a05e..1c214c6 100644
--- a/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-server/hadoop-yarn-server-nodemanager/src/main/native/container-executor/impl/container-executor.c
+++ b/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-server/hadoop-yarn-server-nodemanager/src/main/native/container-executor/impl/container-executor.c
@@ -684,8 +684,9 @@ struct passwd* check_user(const char *user) {
     return NULL;
   }
   char **banned_users = get_values(BANNED_USERS_KEY);
-  char **banned_user = (banned_users == NULL) ? 
+  banned_users = banned_users == NULL ?
     (char**) DEFAULT_BANNED_USERS : banned_users;
+  char **banned_user = banned_users;
   for(; *banned_user; ++banned_user) {
     if (strcmp(*banned_user, user) == 0) {
       free(user_info);

http://git-wip-us.apache.org/repos/asf/hadoop/blob/c9cd58d7/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-server/hadoop-yarn-server-nodemanager/src/main/native/container-executor/test/test-container-executor.c
----------------------------------------------------------------------
diff --git a/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-server/hadoop-yarn-server-nodemanager/src/main/native/container-executor/test/test-container-executor.c b/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-server/hadoop-yarn-server-nodemanager/src/main/native/container-executor/test/test-container-executor.c
index 7f08e06..be6cc49 100644
--- a/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-server/hadoop-yarn-server-nodemanager/src/main/native/container-executor/test/test-container-executor.c
+++ b/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-server/hadoop-yarn-server-nodemanager/src/main/native/container-executor/test/test-container-executor.c
@@ -89,15 +89,19 @@ void run(const char *cmd) {
   }
 }
 
-int write_config_file(char *file_name) {
+int write_config_file(char *file_name, int banned) {
   FILE *file;
   file = fopen(file_name, "w");
   if (file == NULL) {
     printf("Failed to open %s.\n", file_name);
     return EXIT_FAILURE;
   }
-  fprintf(file, "banned.users=bannedUser\n");
-  fprintf(file, "min.user.id=500\n");
+  if (banned != 0) {
+    fprintf(file, "banned.users=bannedUser\n");
+    fprintf(file, "min.user.id=500\n");
+  } else {
+    fprintf(file, "min.user.id=0\n");
+  }
   fprintf(file, "allowed.system.users=allowedUser,daemon\n");
   fclose(file);
   return 0;
@@ -385,7 +389,7 @@ void test_delete_user() {
 
   char buffer[100000];
   sprintf(buffer, "%s/test.cfg", app_dir);
-  if (write_config_file(buffer) != 0) {
+  if (write_config_file(buffer, 1) != 0) {
     exit(1);
   }
 
@@ -745,7 +749,7 @@ int main(int argc, char **argv) {
     exit(1);
   }
   
-  if (write_config_file(TEST_ROOT "/test.cfg") != 0) {
+  if (write_config_file(TEST_ROOT "/test.cfg", 1) != 0) {
     exit(1);
   }
   read_config(TEST_ROOT "/test.cfg");
@@ -817,6 +821,16 @@ int main(int argc, char **argv) {
   seteuid(0);
   // test_delete_user must run as root since that's how we use the delete_as_user
   test_delete_user();
+  free_configurations();
+
+  printf("\nTrying banned default user()\n");
+  if (write_config_file(TEST_ROOT "/test.cfg", 0) != 0) {
+    exit(1);
+  }
+
+  read_config(TEST_ROOT "/test.cfg");
+  username = "bin";
+  test_check_user();
 
   run("rm -fr " TEST_ROOT);
   printf("\nFinished tests\n");